ntlm authentication
NTLM Authentication Vulnerability N/A
Web Client NTLM Authentication Vulnerability bug repair. more>> Microsoft has released a patch that eliminates a security vulnerability in a component that ships with Microsoft Office 2000, Windows 2000, and Windows Me. The vulnerability could, under certain circumstances, allow a malicious user to obtain cryptographically protected logon credentials from another user when requesting an Office document from a web server.<<less
Microsoft Windows 2000 Patch: Web Client NTLM Authentication Update
Microsoft Windows 2000 Patch: Web Client NTLM Authentication Update is designed to deal with the Web Client NTLM Authentication security vulnerability in Windows 2000 and Office 2000 and is discussed in Microsoft Security Bulletin MS01-001 more>>
Microsoft Windows 2000 Patch: Web Client NTLM Authentication Update is designed to deal with the "Web Client NTLM Authentication" security vulnerability in Windows 2000 and Office 2000 and is discussed in Microsoft Security Bulletin MS01-001. Download now to ensure that your Web Extender Client (WEC) components are set to the recommended Internet Explorer security levels, to prevent a malicious Web site operator from capturing your logon credentials.
Under specific conditions, this vulnerability allows a malicious Web site operator to obtain the cryptographically protected logon credentials of a visiting user. This is because the security settings for WEC components are set to incorrect levels, which allows your computer to send information about your authentication credentials to remote Web applications.
Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows Me) MS01-001
Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows Me) MS01-001 is regarded as an innovative and versatile patch which eliminates a security vulnerability in a component that ships with Microsoft Office 2000, Windows 2000, and Windows Me. more>>
Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows Me) MS01-001 is regarded as an innovative and versatile patch which eliminates a security vulnerability in a component that ships with Microsoft Office 2000, Windows 2000, and Windows Me.
The vulnerability could, under certain circumstances, allow a malicious user to obtain cryptographically protected logon credentials from another user when requesting an Office document from a Web server.
The Web Extender Client (WEC) is a component that ships as part of Office 2000, Windows 2000, and Windows Me. WEC allows IE to view and publish files via Web folders, similar to viewing and adding files in a directory through Windows Explorer. Due to an implementation flaw, WEC does not respect the IE Security settings regarding when NTLM authentication will be performed. Instead, WEC will perform NTLM authentication with any server that requests it. If a user established a session with a malicious user's Web site, either by browsing to the site or by opening an HTML mail that initiated a session with it, an application on the site could capture the user's NTLM credentials. The malicious user could then use an offline brute-force attack to derive the password or, with specialized tools, could submit a variant of these credentials in an attempt to access protected resources.
The vulnerability would only provide the malicious user with the cryptographically protected NTLM authentication credentials of another user. It would not, by itself, allow a malicious user to gain control of another user's computer or to gain access to resources to which that user was authorized access. In order to leverage the NTLM credentials (or a subsequently cracked password), the malicious user would have to be able to remotely logon to the target system.
However, best practices dictate that remote logon services be blocked at border devices, and if these practices were followed, they would prevent an attacker from using the credentials to logon to the target system.
Frequently asked questions regarding this vulnerability can be found here.
Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows 2000) MS01-001
Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows 2000) has come as a handy tool to deal with a security vulnerability in a component that ships with Microsoft Office 2000, Windows 2000, and Windows Me. more>>
Microsoft Web Client NTLM Authentication Vulnerability Patch (Windows 2000) MS01-001 has come as a handy tool to deal with a security vulnerability in a component that ships with Microsoft Office 2000, Windows 2000, and Windows Me. The vulnerability could, under certain circumstances, allow a malicious user to obtain cryptographically protected logon credentials from another user when requesting an Office document from a Web server.
The Web Extender Client (WEC) is a component that ships as part of Office 2000, Windows 2000, and Windows Me. WEC allows Internet Explorer to view and publish files via Web folders, similar to viewing and adding files in a directory through Windows Explorer. Due to an implementation flaw, WEC does not respect the IE Security settings regarding when NTLM authentication will be performed.
Instead, WEC will perform NTLM authentication with any server that requests it. If a user established a session with a malicious user's Web site, either by browsing to the site or by opening an HTML mail that initiated a session with it, an application on the site could capture the user's NTLM credentials. The malicious user could then use an offline brute-force attack to derive the password or, with specialized tools, could submit a variant of these credentials in an attempt to access protected resources.
The vulnerability would only provide the malicious user with the cryptographically protected NTLM authentication credentials of another user. It would not, by itself, allow a malicious user to gain control of another user's computer or to gain access to resources to which that user was authorized access. In order to leverage the NTLM credentials (or a subsequently cracked password), the malicious user would have to be able to remotely logon to the target system. However, best practices dictate that remote logon services be blocked at border devices, and if these practices were followed, they would prevent an attacker from using the credentials to logon to the target system.
Microsoft Windows ME Security Patch: Web Client NTLM Authentication Vulnerability MS01-001
The Web Extender Client (WEC) is a component that ships as part of Office 2000, Windows 2000, and Windows Me. WEC allows IE to view and publish files via web folders, similar to viewing and adding fil more>>
Authentication 1.03
Basic Authentication is a little program that converts a user name (login) and optionally a password to/from their Base64 Basic Authentication counter... more>> <<less
Cellular Authentication Token 4
Cellular Authentication Token is a convenient and simple-to-use utility which manages Fixed and One Time Passwords on Java enabled Cellular. more>> <<less
manage your fixed ...The CAT (Cellular Authentication Token) is TFA (Two Factors
Internet Policy and Authentication 1.1
If you or your company use Watchguard Firebox firewalls that require user authentication to surf the Web, then this program is for you more>>
Internet Policy and Authentication 1.1 is developed as a perfect solution for you in case you or your company use Watchguard Firebox firewalls that require user authentication to surf the Web. This free program allows you to authenticate through a Watchguard Firebox firewall without having to navigate and maintain a separate Web browser with the Firebox java applet.
Our application encapsulates the Firebox applet and allows you to authenticate and then minimize the application to your computer's system tray, getting it out of the way and eliminating the need for a separate, dedicated Web browser.
Enhancements: May include unspecified updates, enhancements, or bug fixes.
Message Level Authentication 0.8.3.1
The Message Level Authentication Thunderbird extension signs your sent messages with the Message Level Authentication Protocol more>>
When you register an e-mail address each messsage you send will be signed with the Message Level Authentication Protocol guaranteeing that you sent the message.
When using Message Level, your recipients will know that message came from you and will be dazzled with your certified image that you have set for that address. This image can be set in the My Account section of our web site.
Use these best practices to thwart spam and phishing attempts.
System requirements:
- Thunderbird: 2.0 ? 2.0.0.*
Basic Authentication 1.03 build 6.1
Basic Authentication - a program that converts a user name and optionally a password to their Base64 Basic Authentication counte more>>
Basic Authentication allows you to encode a username and a password and provides you with an authentication string that is copied to the clipboard.
From that authentication string, the application will decode your personal data: the given username and password.
Basic Authentication is a little program that converts a user name (login) and optionally a ... password to/from their Base64 Basic Authentication counterpart910439 - Troubleshooting Forms Authentication 1
910439 - Troubleshooting Forms Authentication is a useful program which contains the FormsAuthLogger.exe file. more>> <<less
Message Level Authentication for WebMail 0.7.7
Firefox extension that will authenticate mail from Message Level Network Users more>>
System requirements:
- Firefox 1.5 - 2.0.0.*
Message Level Authentication for WebMail 0.7 ... Message Level Authentication for WebMail appears as an innovative and efficient program thatLicense:Freeware
Message Level - Message Level Authentication for WebMail 0.6 ... Message Level AuthenticationAuthentication Image 1.2 Build 20070303
A useful anti spam plugin for LifeType more>> A useful anti spam plugin for LifeType
This LifeType plugin offers extra comment authentication for pLog by using a captcha.
Take Authentication Image for a spin and see what it is capable of!
System requirements:
- LifeType
Windows NT Authentication Vulnerability Patch MS02-024
Windows NT Authentication Vulnerability Patch has come as a useful program designed to deal with the Authentication Flaw in Windows Debugger Can Lead to Elevated Privileges security vulnerability in Windows NT 4.0. more>>
Windows NT Authentication Vulnerability Patch MS02-024 has come as a useful program designed to deal with the ""Authentication Flaw in Windows Debugger Can Lead to Elevated Privileges"" security vulnerability in Windows NT 4.0. This vulnerability is the result of a flaw in the authentication mechanism for the Windows debugging facility that allows unauthorized programs to gain access to the debugger. Download now to prevent malicious users from gaining elevated privileges through the debugging facility and running code of their choice on your computer.
Windows NT Remote Registry Access Authentication Vulnerability
Windows NT Remote Registry Access Authentication Vulnerability has come as a helpful program to deal with a security vulnerability in Microsoft Windows NT 4.0. more>>
Windows NT Remote Registry Access Authentication Vulnerability has come as a helpful program to deal with a security vulnerability in Microsoft Windows NT 4.0. This vulnerability can allow access to the Registry from a remote computer. The remote computer must be authenticated by a remote Registry server before it can be processed. If a request is malformed in a specific fashion, the request is misinterpreted by the remote Registry server, causing it not to work.
Because the remote Registry server runs within the Winlogon.exe system process in Windows NT 4.0, a problem in that process causes problems with the entire system. Only an authenticated user can run such a request. An anonymous (or null-session) connection cannot cause this problem. You can place an affected computer back in service by rebooting the computer.
A supported fix that corrects this problem is now available from Microsoft, but it has not been fully regression tested and should be applied only to systems experiencing this specific problem. If you are not severely affected by this specific problem, Microsoft recommends that you wait for the next Windows NT 4.0 service pack that contains this fix.
